What is CVE-2023-32137?

CVE-2023-32137 is a medium-severity vulnerability in D-link Dap-1360, classified under Path Traversal. CVSS score: 4.3/10. Published 2024-05-03.

How severe is CVE-2023-32137?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Path Traversal in D-link Dap-1360

CVE-2023-32137

D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-1360 routers…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.001 (24.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

D-link Dap-1360 — versions 6.14B01 EU HOTFIX

Weakness classification (CWE)

CWE-22 — Path Traversal

References

ZDI-23-529 (x_research-advisory)
vendor-provided URL (vendor-advisory)

Frequently asked questions

What is CVE-2023-32137?: CVE-2023-32137 is a medium-severity vulnerability in D-link Dap-1360, classified under Path Traversal. CVSS score: 4.3/10. Published 2024-05-03.
How severe is CVE-2023-32137?: Medium severity. CVSS v3 base score is 4.3 out of 10.